Significant legal and technical challenges exists with respect to protection of customer information, increasing incidents of fraud in banking sectors such as identity theft, as well as with other economic sectors, and the introduction of authentication technologies. Banks, for example, along with other businesses are recommended to conduct risk-based assessments, evaluate customer awareness programs, and develop security measures to reliably authenticate customers remotely accessing their internet-based financial services. A typical user can possess many different login names and associated login passwords, which are often alpha-numeric strings of characters or symbols. Single-factor authentication mechanisms as such as these continue to be inadequate for high-risk transactions involving access to customer information or the movement of funds to other parties.
Thus, there is an increase in demand for authentication techniques employed by business institutions to be appropriate to the level of risks associated with those products and services associated with user activities. Although account fraud and identity theft are frequently the result of single-factor (e.g., ID/password) authentication exploitation, even biometric security such as fingerprinting, is not altogether complete in security with associated user name and passwords. Where risk assessments indicate that the use of single-factor authentication is inadequate, financial institutions could implement multifactor authentication, layered security, or other controls reasonably calculated to mitigate those risks.